Re: [squid-users] Fw: Re: Re: Re: More NTLM Problems

From: Johnny Doe <bcreigh843@dont-contact.us>
Date: Tue, 27 Jul 2004 12:21:36 -0700 (PDT)

I'm not sure whats going on. I just put a clean
fedora 2 install on the box and I am getting the same
exact problem. I have no idea what I'm doing wrong
but there is def something wrong. The only thing I
find wierd is that I am trying to use this with
dansguardian and if I stop dansguardian and comment
out the auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp it still doenst
let me out. I keep getting denied in the access log.
--- Adam Aube <aaube01@baker.edu> wrote:

> Please reply to the list and not to me personally.
>
> Johnny Doe wrote:
> > --- Adam Aube <aaube01@baker.edu> wrote:
>
> >> Since you didn't explicitly show it, I'm going to
> guess that you did a
> >> "su squid" before running wbinfo.
>
> >> Have you added any winbind lines to nsswitch.conf
> or PAM? If all you are
> >> using winbind for is Squid integration with a
> Windows domain, you don't
> >> need those lines and can take them out.
>
> >> Just to be thorough, can you post your smb.conf
> file and the output of
> >> "squid -v"?
>
> > Yes I did su over to squid before running that
> command.  I'm not sure you
> > ment by the if I changed pam but here is the squid
> file from
> > the /etc/pam.d
>
> > #%PAM-1.0
> > auth            required        pam_stack.so
> service=system-auth
> > account         required        pam_stack.so
> service=system-auth
>
> > Here is a copy of my nsswitch.conf
>
> > passwd:     files nisplus
> > shadow:     files nisplus
> > group:      files nisplus
> > hosts:      files nisplus dns
> > bootparams: nisplus [NOTFOUND=return] files
> > ethers:     files
> > netmasks:   files
> > networks:   files
> > protocols:  files winbind nisplus
> > rpc:        files
> > services:   files winbind nisplus
> > netgroup:   files winbind nisplus
> > publickey:  nisplus
> > automount:  files winbind nisplus
> > aliases:    files nisplus
>
> > smb.conf
>
> > [global]
> >    workgroup = SMC
> >    server string = SMCSquid Samba Server
> >    winbind uid = 10000-20000
> >    winbind gid = 10000-20000
> >    winbind enum users = yes
> >    winbind enum groups = yes
> >    template homedir = /home/winnt/%D/%U
> >    template shell = /bin/bash
> >    printcap name = /etc/printcap
> >    load printers = yes
> >    log file = /var/log/samba/%m.log
> >    max log size = 50
> >    security = domain
> >    password server = smcnt3
> >    encrypt passwords = yes
> >    smb passwd file = /etc/samba/smbpasswd
> >    unix password sync = Yes
> >    passwd program = /usr/bin/passwd %u
> >    passwd chat = *New*UNIX*password* %n\n
> *ReType*new*UNIX*password* %n\n
>
>*passwd:*all*authentication*tokens*updated*successfully*
>
> > socket options = TCP_NODELAY SO_RCVBUF=8192
> SO_SNDBUF=8192
> > local master = no
> > os level = 33
> > dns proxy = no
> > idmap uid = 16777216-33554431
> > idmap gid = 16777216-33554431
> > template shell = /bin/bash
> > winbind use default domain = yes
> > password server = smcnt3
> > [homes]
> >    comment = Home Directories
> >   browseable = no
> >   writable = yes
> > [printers]
> >   comment = All Printers
> >    path = /var/spool/samba
> >    browseable = no
> >    guest ok = no
> >    writable = no
> >    printable = yes
>
> > squid -v
> > Squid Cache: Version 2.5.STABLE5
> > configure options:  --host=i386-redhat-linux
> --build=i386-redhat-linux
> > --target=i386-redhat-linux-gnu --program-prefix=
> --prefix=/usr
> > --exec-prefix=/usr --bindir=/usr/bin
> --sbindir=/usr/sbin --sysconfdir=/etc
> > --datadir=/usr/share --includedir=/usr/include
> --libdir=/usr/lib
> > --libexecdir=/usr/libexec --localstatedir=/var
> --sharedstatedir=/usr/com
> > --mandir=/usr/share/man --infodir=/usr/share/info
> --exec_prefix=/usr
> > --bindir=/usr/sbin --libexecdir=/usr/lib/squid
> --localstatedir=/var
> > --sysconfdir=/etc/squid --enable-poll
> --enable-snmp
> > --enable-removal-policies=heap,lru
> > --enable-storeio=aufs,coss,diskd,null,ufs
> --enable-ssl
> > --with-openssl=/usr/kerberos --enable-delay-pools
>
> > --enable-linux-netfilter --with-pthreads
> > --enable-ntlm-auth-helpers=SMB,winbind
> >
>
--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group,
> > winbind_group
> > --enable-auth=basic,ntlm
> --with-winbind-auth-challenge
> > --enable-useragent-log --enable-referer-log
> --disable-dependency-tracking
> > --enable-cachemgr-hostname=localhost
> --disable-ident-lookups
> > --enable-truncate --enable-underscores
> --datadir=/usr/share
> >
>
--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,
> > multi-domain-NTLM,SASL,winbind
>
>
>

        
                
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail
Received on Tue Jul 27 2004 - 13:21:36 MDT

This archive was generated by hypermail pre-2.1.9 : Sun Aug 01 2004 - 12:00:02 MDT